Monitoring Health Checks Using CloudWatch

Route 53 health checks integrate with CloudWatch metrics so that you can do the following:

Verify that a health check is properly configured.

Review the status of a health check over a specified period of time.

Configure CloudWatch to send an Amazon SNS alert when the status of a health check
is unhealthy. Note that several
minutes might elapse between the time that a health check fails and the time
that you receive the associated SNS notification.

To receive an Amazon SNS notification when a health check status is unhealthy (console)

In the navigation pane of the Route 53 console, choose Health Checks.

Choose the row for the applicable health check.

In the bottom pane, choose the Alarms tab.

The table lists the alarms that you've already created for this health check.

Choose Create Alarm.

Specify the following values:

Alarm name

Enter the name that you want Route 53 to display in the Name column on the
Alarms tab.

Alarm description

(Optional) Enter a description for the alarm. This value appears in the CloudWatch
console.

Send notification

Choose whether you want Route 53 to send you notification if the status of this health
check
triggers an alarm.

Notification target (Only when "Send notification" is "Yes")

If you want CloudWatch to send notification to an existing SNS topic, choose the topic
from the list.

If you want CloudWatch to send notification but not to an existing SNS topic, do one
of the following:

If you want CloudWatch to send email notification –
Choose New SNS topic and continue with this procedure.

If you want CloudWatch to send notification by another method –
Open a new browser tab, go to the Amazon SNS console, and create the new
topic. Then return to the Route 53 console,
choose the name of the new topic from the Notification target list, and
continue with this procedure.

Topic name (Only when you choose to create a new Amazon SNS topic)

Enter a name for the new Amazon SNS topic.

Recipient email addresses (Only when you choose to create a new Amazon SNS topic)

Enter the email address that you want Route 53 to send an SNS notification to when
a health check triggers
an alarm.

Alarm target

Choose the value that you want Route 53 to evaluate for this health check:

Health checkers that report the endpoint healthy (%)
(health checks that monitor an endpoint only) –
The percentage of Route 53 health checkers that report that the status of
the health check is healthy

Number of healthy child health checks (calculated health checks only) –
The number of child health checks in a calculated health check that report
that the status of the
health check is healthy

TCP connection time (HTTP and TCP health checks only) –
The time in milliseconds that it took Route 53 health checkers to establish
a TCP connection with the endpoint

Time to complete SSL handshake (HTTPS health checks only) –
The time in milliseconds that it took Route 53 health checkers to complete
the SSL/TLS handshake

Time to first byte (HTTP and HTTPS health checks only) –
The time in milliseconds that it took Route 53 health checkers to receive
the first byte of the response
to an HTTP or HTTPS request

Alarm target

For the alarm targets that are based on latency (TCP connection time,
Time to complete SSL handshake, Time to first byte), choose whether you want
CloudWatch to calculate latency for Route 53 health checkers in a specific
region or for all regions (Global).

Note that if you choose a region, Route 53 measures latency only twice per minute,
and the number of samples will be smaller
than if you choose all regions. As a result, outlying values are more likely.
To prevent spurious alarm notifications,
we recommend that you specify a larger number of consecutive periods that
the health check must fail before CloudWatch
sends you a notification.

Fulfill condition

Use the following settings to determine when CloudWatch should trigger an alarm.

Alarm Target

Recommended Condition

Description

Health check status

Minimum < 1

Route 53 health checkers report when the endpoint is unhealthy.

Health checkers that report the endpoint healthy (%)

Average < desired percentage

Health checks that monitor an endpoint only – Route 53 considers the status of a
health check to be unhealthy when less than 18% of health checkers report
that the status is healthy.
Don't choose Sample Count for this metric because the range of sample counts can change as
Route 53 adds more health checking regions. Average will always accurately represent
the percentage of checkers that are reporting the status of a health
check.

Number of healthy child health checks

Minimum < desired number of healthy child health checks

The Minimum statistic returns the most conservative value and
represents the worst-case scenario.

TCP connection time

Average > desired time in milliseconds

Average is a more consistent value than other statistics.

Time to complete SSL handshake

Average > desired time in milliseconds

Average is a more consistent value than other statistics.

Time to first byte

Average > desired time in milliseconds

Average is a more consistent value than other statistics.

For at least x consecutive periods of y minutes/hours/day

Specify how many consecutive time periods that the specified value must meet the criteria
before Route 53 sends notification.
Then specify the length of the time period.

When you choose Create, Amazon SNS sends you an email with information about the new SNS topic.

In the email, choose Confirm subscription. You must confirm your subscription to begin receiving CloudWatch notifications.

The CloudWatch Alarms list contains all the Route 53 alarms that you have created using the current AWS
account.

The State column shows the current status of each alarm:

OK

CloudWatch has accumulated enough statistics from Route 53 health checks to determine
that the endpoint doesn't meet the alarm threshold.

INSUFFICIENT DATA

CloudWatch hasn't accumulated enough statistics to determine whether the endpoint
meets the alarm threshold. This is the initial state of a
new alarm.

ALARM

CloudWatch has accumulated enough statistics from Route 53 health checks to determine
that the endpoint meets the alarm threshold and to send
notification to the specified email address.

To view or edit settings for an alarm, choose the name of the alarm.

To view an alarm in the CloudWatch console, which provides more detailed information
about the alarm (for example, a history of updates to the alarm
and changes in status), choose View in the More Options column for the alarm.

To view all the CloudWatch alarms that you created using the current AWS account,
including alarms for other AWS services, choose
View All CloudWatch Alarms.

To view all the available CloudWatch metrics, including metrics that aren't currently
being used by the current AWS account, choose
View All CloudWatch Metrics.